The corporate media has all but accepted the resounding narrative that Russia hacked the U.S. election. But as outlets like the Washington Post receive harsh criticism for perpetuating these as-of-yet unconfirmed allegations, it appears the media isn’t the only institution that’s failing to practice due diligence.

Last week, the FBI released a joint analysis report with the Department of Homeland Security that focused on providing tips to prevent another cyber attack. But the agencies also claimed to have proof Russia hacked the Democratic National Committee’s (DNC) servers — acts that resulted in the leaks of private emails that embarrassed the party and Hillary Clinton and arguably helped defeat her presidential campaign. But even as the media has parroted this analysis without question — ignoring valid objections from cyber security experts — the FBI itself reportedly failed to conduct an investigation into the DNC’s email servers.

“Six months after the FBI first said it was investigating the hack of the Democratic National Committee’s computer network, the bureau has still not requested access to the hacked servers,” Buzzfeed Newsreported exclusively on Wednesday.

According to their report, Eric Walker, the DNC’s deputy communications director, said in an email:

“The DNC had several meetings with representatives of the FBI’s Cyber Division and its Washington (DC) Field Office, the Department of Justice’s National Security Division, and U.S. Attorney’s Offices, and it responded to a variety of requests for cooperation, butthe FBI never requested access to the DNC’s computer servers.”

In May, private cyber security firm Crowdstrike claimed to have discovered evidence that Russian intelligence agencies had hacked the DNC. But as tech-oriented Ars Technica has noted of Crowdstrike’s findings:

“[W]hile the hackers may have been caught in the act digitally, the details by themselves don’t offer definitive proof of the identity of those behind the anti-Clinton hacking campaign. Public details currently don’t offer clear insight into the specific intent behind these hacks, either.”

In fact, one criticism of the recent joint FBI-DHS report pointed out the difference between private and public intelligence. Robert M. Lee, a former U.S. Air Force Cyber Warfare Operations Officer and founder and CEO of cyber security firm Dragos, explained that data from different sources bears different confidence ratings — and the FBI and DHS failed to disclose which data they were referencing in the report. As Buzzfeed notes, “…the analysis was attributed to broad intelligence across both public and private sectors. Nowhere in the report does it say that the government conducted its own computer forensics on the DNC servers.”

Regardless, Buzzfeed reports that an intelligence official said the FBI has relied on Crowdstrike’s information. “CrowdStrike is pretty good. There’s no reason to believe that anything that they have concluded is not accurate,” the official reportedly said.

Still, according to industry experts, the FBI likely broke from precedent by failing to conduct its own investigation of the DNC server:

“BuzzFeed News spoke to three cybersecurity companies who have worked on major breaches in the last 15 months, who said that it was ‘par for the course’ for the FBI to do their own forensic research into the hacks.”

As such, Buzzfeed points out, it is unclear why the FBI failed to request access to the servers. “Beginning at the time the intrusion was discovered by the DNC, the DNC cooperated fully with the FBI and its investigation, providing access to all of the information uncovered by CrowdStrike — without any limits,” Walker claims. But even as it had that access, the FBI didn’t attempt to access the servers.

Worse, according to the intelligence official cited by Buzzfeed, “No US government entity has run an independent forensic analysis on the system.”

As the media continues to report the ‘Russia-hacked-the-election’ narrative as fact — and their articles are increasingly condemned for failing to provide hard evidence — it appears the authorities making the claims are also failing to conduct sufficient research.